Macrome - Excel Macro Document Reader/Writer For Red Teamers And Analysts
https://www.ired.dev/irb/macrome-excel-macro-document-readerwriter-for-red-teamers-and-analysts-1d11
An Excel Macro Document Reader/Writer for Red Teamers & Analysts. Blog posts describing what...
Run application as system with interactive system process support (active Windows session)
https://github.com/DarkCoderSc/PowerRunAsSystem
PowerRunAsSystem is a PowerShell script, also available as an installable module through the PowerShell Gallery, designed to impersonate the NT AUTHORITY/SYSTEM user and execute commands or launch ...
Metasploit exploit for CVE-2022-21882 (Win32k LPE)
https://github.com/rapid7/metasploit-framework/pull/16202
Add exploit for CVE-2022-21882 (Win32k LPE) by zeroSteiner · Pull Request #16202 · rapid7/metasploit-framework
This adds an exploit for CVE-2022-21882 which is a patch bypass for CVE-2021-1732. It updates and combines both techniques into a single mega-exploit module that will use the updated technique as n...
Certipy 2.0: BloodHound, New Escalations, Shadow Credentials, Golden Certificates, and more!
Covers 8 methods for escalating privileges in the domain by abusing vulnerabilities and misconfigurations
https://github.com/ly4k/Certipy
https://research.ifcr.dk/certipy-2-0-bloodhound-new-escalations-shadow-credentials-golden-certificates-and-more-34d1c26f0dc6
#certipy
Tool for Active Directory Certificate Services enumeration and abuse - ly4k/Certipy
Zenith exploits a memory corruption vulnerability in the NetUSB driver to get remote-code execution on the TP-Link Archer C7 V5 router for Pwn2Own Austin 2021.
https://github.com/0vercl0k/zenith
Custom Queries - Brought Up to BH4.1 syntax
https://github.com/ZephrFish/Bloodhound-CustomQueries
#bloodhound
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
P.S. LOLA attacks are attacks in which only the operating system itself or its installed programs are used for the malicious operation; nothing additional is brought in. Mostly APT groups carry out this kind of attack, the largest of them being Lazarus (North Korea).
https://encyclopedia.kaspersky.com/glossary/lotl-living-off-the-land/
Tools:
https://github.com/LOLBAS-Project/LOLBAS
#Redteam #LOLA #LOLbins #LOLScripts
Living off the Land (LotL) attack
A Living off the Land (LotL) attack describes a cyberattack in which intruders use legitimate software and functions available in the system to perform malicious actions on it. Living off the land means surviving on what you can forage, hunt,
CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules.
https://github.com/CoolerVoid/codecat
#staticanalysis #codecat
Copy the properties and groups of a user from neo4j (bloodhound) to create an identical golden ticket.
https://github.com/Dramelac/GoldenCopy
PoC for CVE-2022-21974 "Roaming Security Rights Management Services Remote Code Execution Vulnerability" and CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability"
https://github.com/0vercl0k/CVE-2022-21971
https://github.com/0vercl0k/CVE-2022-21974
#RTF #wordpad #OFFICE #RCE
GitHub - 0vercl0k/CVE-2022-21971: PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability"
All of the information that was leaked:
https://share.vx-underground.org/Conti/
Decryptor only:
https://anonfiles.com/l3b7n7L6xc/conti_locker_7z
Locker (password-protected):
https://anonfiles.com/lfV7c2L8xa/conti_locker_v2_zip
#conti
Conti TTP
https://github.com/Res260/conti_202202_leak_procedures
https://github.com/soufianetahiria/ContiLeaks/blob/main/cobaltsrike_lolbins
This repository contains procedures found in the Feb 2022 Conti leaks. They were taken from the "manual_teams_c" rocketchat channel in the leak and posted on May 10th, 2021 in the...